<?php
session_start();
echo '<head>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
		<script type="text/javascript" src="include/jquery.js"></script>
		<script type="text/javascript" src="include/functions.js"></script>
	</head>';
	
include_once('styles/style.php');
include_once('lang/lang.php');
include_once('lang/'.$lang_file);
include_once('lang/lang_choose.php');
//check for existing config file
if(!file_exists("include/db_config.php")) {
	include_once('install/setup.php');
} else if(isset($_POST["logout"])){
		$_SESSION["id"] = null;
		$_SESSION["loggedin"] = null;
		session_destroy();
        session_start();	
 } else if(!isset($_SESSION["id"])){
	if(isset($_POST["login"]) && isset($_POST["pass"])){
		include_once('include/db_config.php');
		$link = mysqli_connect($host, $user, $pass) or die($lang["FAILED_TO_CONNECT"]);
		mysqli_select_db($link, $db) or die($lang["FAILED_TO_SELECT_DB"].': '.mysqli_error($link));
		$table_name = $prefix.'_ADMINS';
		$login = mysql_real_escape_string($_POST["login"]);
		$pass2 = mysql_real_escape_string($_POST["pass"]);
		
		$query = 'SELECT * FROM '.$table_name.' WHERE name = \''.$login.'\' AND PASS =\''.$pass2.'\'';
		$result = mysqli_query($link,  $query);
		if(!$result){
			$error = mysqli_error($link);
			mysqli_close($link);
			echo $query;
			echo '<br/>';
			die($error);
        }
		if($admin = mysqli_fetch_array($result)){
			$_SESSION['loggedin'] = 'Y';
            $fields = array(
            'id','name','add_admins','edit_admins','del_admins',
            'add_vips','edit_vips','del_vips',
            'add_vips_t','edit_vips_t','del_vips_t',
            'add_srv','edit_srv','del_srv'
            );
			$_SESSION['id'] = $admin['id'];
			$_SESSION['name'] = $admin['name'];
            foreach($fields as $fld){
                if($admin[$fld] == 1)
                    $_SESSION[$fld] = $admin[$fld];
            }
		}
	}
}
	header('Location: main.php');
?>